DECISION ON APPEAL



1 The two-month time period for filing an appeal or commencing a civil 
action, as recited in 37 C.F.R. § 1.304, or for filing a request for rehearing, 
as recited in 37 C.F.R. § 41.52, begins to run from the "MAIL DATE" 
(paper delivery mode) or the "NOTIFICATION DATE" (electronic delivery 
mode) shown on the PTOL-90A cover letter attached to this decision. 

Appellants appeal under 35 U.S.C. § 134(a) (2002) from a final
rejection of claims 1-5, 8-10, 14, 21-29, 33-39, 41-43, and 47-55. Claims 6, 
7, 11-13, 15-20, 30-32, 40, and 44-46 have been canceled. (Br., 2). We have 
jurisdiction under 35 U.S.C. § 6(b) (2008). 

We AFFIRM. 

Introduction 

According to Appellants, the invention is a system and method for 
secure communication between two entities (Spec, 1 and Abstract). A 
virtual private proxy is generated between the two entities based on 
agreement between the two entities (Abstract). Each entity has a virtual 
private proxy associated with it (id.). When data is monitored, if the data 
associated with the first entity violates the agreement, the data is disallowed 
(id.). 

STATEMENT OF THE CASE 

Exemplary Claim(s) 

Claim 1 is an exemplary claim and is reproduced below: 

1. A method for secure communication comprising: 

generating a plurality of virtual private proxies based on 
an agreement between a first entity and a second entity; 

associating a first virtual private proxy of the plurality of 
virtual private proxies with the first entity and a second virtual 
private proxy of the plurality of virtual private proxies with the 
second entity; 

monitoring data at the first virtual private proxy 
associated with the first entity; 

determining whether the data violates the agreement; and

disallowing communication of the data from the first 
virtual private proxy to the second virtual private proxy when 
the data violates the agreement. 

Prior Art 

Dan (Dan '290) US 6,148,290 Nov. 14, 2000

Reed US 6,266,^ '04 B1 Jul. 24, 2001

Ashdown US 6,308,276 B1 Oct. 23, 2001

Dan (Dan '103) US 2002/0178103 A1 Nov. 28, 2002

Epstein US 6,684,329 B1 Jan. 27, 2004

Charles P. Pfleeger, "Security In Computing", pp. 270-273, 2nd Ed., 1996,
ISBN: 0-13-37486-6. (Pfleeger)

Rejections 

Claims 1-4, 14, 24-26, 28-29, 37, 41, 43, and 52-54 stand rejected 
under 35 U.S.C. § 103(a) as being unpatentable over Dan '290, and 
Epsteine. 

Claims 5 and 47 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Dan '290, Epsteine, and Reed. 

Claims 5 and 47 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Dan '290, Epsteine, and Pfleeger. 

Claims 38, 39 and 53 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Dan '290, Epsteine, and Ashdown. 

Claims 8-10, 21-23, 27, 33-36, 42, and 55 stand rejected under
35 U.S.C. § 103(a) as being unpatentable over Dan '290, Epsteine, and Dan 
'103. 

Claims 48-51 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Dan '290, Epsteine, Pfleeger, and Dan '103. 

Claims 48-51 stand rejected under 35 U.S.C. § 103(a) as being 
unpatentable over Dan '290, Epsteine, Reed, and Dan '103. 

GROUPING OF CLAIMS 

(1) Appellants argue all of the independent claims 1, 14, 26, 41, and 
55 with respect to independent claim 1 (Br. 5-11). We select 
independent claim 1 as the representative claim. We treat the 
dependent claims, 2-5, 21-25, 27-29, 33-39, 42, 43, and 47-54 as 
standing or falling with their respective dependency as they were 
not separately argued. Therefore, claims 2-5, 8-10, 14, 21-29, 
33-39, 41-43, and 47-55 stand or fall with representative claim 1. 

(2) Appellants argue claim 8 separately (Br. 10). Claims 9 and 10 
depend from claim 8 and were not separately argued; therefore, 
claims 9 and 10 stand or fall with claim 8. 

See 37 C.F.R. § 41.37(c)(1)(vii).

35 U.S.C. § 103(a): claims 1-4, 14, 24-26, 28-29, 37, 41, 43, and 52-54 
ISSUE 1A 

Appellants assert their invention is not obvious over Dan '290 and 
Epsteine because Dan '290 does not teach or suggest generating a plurality 
of virtual private proxies (VPP) (App. Br. 5). Instead, according to
Appellants, Dan '290 teaches enforcement code components that are
components of a business service application that is public (App. Br. 5-6).
Because Dan '290 explicitly declares the public nature of the environment to
be an important aspect of Dan '290's invention, Appellants contend Dan
'290 does not teach the limitation recited (App. Br. 6). 

Appellants next argue Dan '290 does not teach proxies being 
generated (App. Br. 6). Specifically, Appellants contend none of the 
elements of Dan '290 cited qualify as proxies or are described as proxies 
(id.). 

The Examiner finds Appellants did not define various terms
including "private" and "proxy" (Ans. 12). The Examiner then finds, in 
light of definitions one of ordinary skill in the art would attribute to these 
terms, Dan '290's invention includes enforcement components that are a 
plurality of virtual proxies, for enforcing particular service contracts and 
services on behalf of enterprise networks (private entities) that result in the 
business service provider controlling a "service implementation component 
that executes . . . entirely on the service execution engine of the business 
service provider" (Ans. 11-12, 16-17, and 19). Accordingly the Examiner 
finds Dan '290 discloses that a plurality of virtual private proxies are 
generated (Ans. 11-13). 

Issue 1A Have Appellants shown the Examiner erred in finding Dan 
'290 discloses "generating a plurality of virtual private proxies?" 

FINDINGS OF FACT (FF)
Appellants' Specification

(1) A VPP may be a logical entity (Spec. 10, l. 8).

Dan '290 

(2) Dan '290 teaches a method and system for managing an 
automated business service system including multiple parties and a service 
contract specifying rules of interaction between the parties during service 
transactions (Abstract). The provider of the business service 500 controls 
and has full knowledge of the actual service implementation component 508 
while the end user or client application only knows how to interact via the 
enforcement code component 502 and the contract specification 514 
provided (col. 6, ll. 2-5).

(3) A business service application 500 includes separate 
enforcement code components 502, 504 and 506 for enforcing a service 
contract(s) and service implementation component 508 which contains 
service implementation logic. In an example, the enforcement code 
components 502 and 512 are automatically generated from a single service 
contract 514 and executed on the service execution engine 510 and the client 
engine 516, respectively to ensure enforcement of interaction rules. The 
service contract specifies the rules of interaction between the parties 
including the permitted interaction patterns by the client and the required 
interaction pattern behaviors of the service provider. (Col. 5, ll. 49-63, col.
6, ll. 11-34, and Fig. 5).

(4) [T]he enforcement code components can serve many purposes 
in the function of enforcing the specifications of the service 
contract. For example, enforcement code 512, upon receiving a 
request to be sent from the application 526, can log the request
(noting time and content), number the request for correlation to 
an anticipated response, provide a signing function, include a 
timer function and notification in event of timeout and pass the 
request by a chosen protocol. When receiving a request or 
response from the service application 500, the enforcement 
code component can provide some of the functions listed 
hereinabove and also can determine whether the message is a 
response or a request, check validity of response and take 
appropriate action. 

(Col. 6, ll. 26-38).

Dictionary 

(5) A "proxy" is defined as "authority or power to act for another"
Merriam-Webster's Collegiate Dictionary 938 (10th ed. 2000).

(6) "Private" is defined as "intended for or restricted to use of a
particular person, group, or class" Merriam-Webster's Collegiate Dictionary
925 (10th ed. 2000).

ANALYSIS 

After consideration, we adopt the Examiner's findings that Dan '290 
teaches generating virtual private proxies. Appellants have not defined 
"virtual private proxy" (See Spec. 9-10). "In the absence of an express 
intent to impart a novel meaning to the claim terms, the words are presumed 
to take on the ordinary and customary meanings attributed to them by those 
of ordinary skill in the art." Brookhill-Wilk 1, LLC. v. Intuitive Surgical, Inc., 
334 F.3d 1294, 1298 (Fed. Cir. 2003) (internal citations omitted). The 
"ordinary and customary meaning of a claim term is the meaning that the 
term would have to a person of ordinary skill in the art in question at the 
time of the invention, i.e., as of the effective filing date of the patent
application." Phillips v. AWH Corp., 415 F.3d 1303, 1313 (Fed. Cir. 2005)
(en banc). We determine the scope of the claims in patent applications not
solely on the basis of the claim language, but upon giving claims their
broadest reasonable construction in light of the specification as it would be
interpreted by one of ordinary skill in the art. In re Am. Acad. of Sci. Tech.
Ctr., 367 F.3d 1359, 1364 (Fed. Cir. 2004).

In Dan '290, the enforcement code components can have many 
functions (FF 3). Given the proposed functions set forth by Dan '290, we 
find the enforcement code components (computer logic) have the function of 
standing in for another (the agreement) (FF 5). Thus, we find that the 
enforcement code components are proxies. 

Additionally, Dan '290 teaches a business service implementing 
separate enforcement code components executed on different engines (FF 2 
and 3). Since these proxies can be restricted to use of a particular device, 
group or person (FF 6), we find these virtual proxies are private. According 
to Dan '290, a single service contract is utilized to generate the enforcement 
code components 502 and 512 (FF 3). Therefore, we find the enforcement 
code components are generated based on an agreement. Moreover, since 
each enforcement code component is generated to be executed on respective 
engines, we find the proxies are each associated with a different entity (FF 3 
and Fig. 5). 

In light of these teachings by Dan '290, we find Appellants have
failed to persuade us of error in the Examiner's findings that Dan '290 
teaches generating virtual private proxies. 

ISSUE 1B

Appellants further contend Dan '290 and Epsteine do not teach or 
suggest "determining whether the data violates the agreement" or 
"disallowing communication of the data from the first virtual proxy to the 
second virtual private proxy when the data violates the agreement" (App. Br. 
7 and 8). According to Appellants, Dan '290 instead describes automatic 
generation of code used to implement a service contract (App. Br. 7). 

The Examiner finds Dan '290 discloses an agreement that is used to 
take appropriate action based on the agreement data to be communicated 
from first entity utilizing a first proxy and second entity utilizing a second 
proxy (Ans. 14-15 and 20). The Examiner further finds that Epsteine 
teaches allowing data communication based on an agreement and concludes 
it would have been obvious to one of ordinary skill in the art at the time of 
Appellants' invention to disallow communication of data between entities as 
taught by Dan '290 based on an agreement as taught by Epsteine (Ans. 15 
and 20). 

Issue 1B: Have Appellants shown the Examiner erred in finding the
prior art teaches "determining whether the data violates the agreement" and 
"disallowing communication of the data from the first virtual proxy to the 
second virtual private proxy when the data violates the agreement?" 

FURTHER FINDINGS OF FACT (FF)
Epsteine 

(7) In a generic example, a firewall system 120 screens all 
connections between a private network 110 and an untrusted system 140. 
During the screening process, the "firewall system 120 determines which 
traffic should be allowed and which traffic should be disallowed based on a 
predetermined security policy." (Col. 1, ll. 19-26 and Fig. 1).

ANALYSIS 

We find Dan '290 teaches determining if the data violates the 
agreement as the data is transferred via the enforcement code components 
which ensure enforcement of the interaction rules (FF 3). Therefore, we find 
it inherent that these enforcement code components would need to determine 
whether the data violates the interaction rules in order to enforce them. 
Accordingly, we find Dan '290 teaches "determining whether the data 
violates the agreement." 

We further find that the combination of Dan '290 and Epsteine 
teaches disallowing traffic based on an agreement (FF 7). Thus, we find 
Dan '290's teaching of communications between proxies (as discussed
above in Issue 1A) according to an agreement (FF 3) and Epsteine's
teaching of disallowing communication according to an agreement teach 
"disallowing communication of the data from the first virtual proxy to the 
second virtual proxy when the data violates the agreement." 

ISSUE 1C

Appellants argue no motivation exists to modify Dan '290's public
system using Epsteine's firewall enhancement system (App. Br. 6-7).
Specifically, Appellants argue that since Dan '290's business service
application is public, implementing Epsteine's firewall enhancement system 
would undermine a fundamental principle of operation of Dan '290 (App. 
Br. 7). 

The Examiner finds Epsteine suggests allowing or disallowing data 
communication based on a security policy which the Examiner finds to be a 
predetermined agreement (Ans. 4 and 14). Thus, the Examiner finds it 
would have been obvious to one of ordinary skill in the art at the time of 
Appellants' invention to "disallow communication of the data between the
first entity (using a first virtual proxy) and the second entity (using the 
second virtual proxy) as disclosed by Dan '290, based on an agreement as 
disclosed by Epsteine" to achieve a system that would allow only traffic 
conforming to a predetermined security policy (Ans. 4, 14, and 17-20). 

Issue 1C: Have Appellants shown the Examiner erred in finding one 
of ordinary skill in the art would have been motivated to combine Epsteine's 
firewall enhancement system into the system of Dan '290? 

ANALYSIS 

We disagree that implementing Epsteine's firewall enhancement 
system would undermine a fundamental principle of operation of Dan '290. 
As discussed above with respect to Issue 1A, we find that Dan '290 teaches 
private proxies. Using a firewall to allow or disallow traffic based on an 
agreement does not undermine the basic principle of Dan '290 which teaches 
private proxies and other elements of a business service system that permits
communication between entities according to rules of interaction. Indeed, 
we find an ordinary artisan would have possessed the knowledge and skills 
rendering one capable of combining the technology of Epsteine into the 
system of Dan '290 as Dan '290 already suggests enforcement of interaction 
between proxies. ("[T]he proper question is whether the ordinary artisan 
possesses knowledge and skills rendering him capable of combining the 
prior art references." DyStar Textilfarben GmbH & Co. Deutschland KG v. 
C.H. Patrick Co., 464 F.3d 1356, 1368 (Fed. Cir. 2006) (emphasis in
original)). We find the Examiner has articulated a motivation with a rational
underpinning and Appellants have not persuaded us that the Examiner erred 
in finding one of ordinary skill in the art would have been motivated at the 
time Appellants' invention was made, to combine Epsteine's firewall
enhancement system into the system of Dan '290. 

ISSUE 2 
35 U.S.C. § 103(a): claims 8-10 

Appellants argue Dan does not teach an agreement that includes the 
types of data allowed and the Examiner did not "even allege that the 
references teach or claim this element" (App. Br. 10). 

The Examiner finds that to perform a comparison to determine if data 
is allowable, as discussed in Issue 1B, the data that is allowed must be listed
(Ans. 15). The Examiner further finds that Dan '103 provides
exemplary types of data that could be found in an agreement including types 
of protocols used (Ans. 15-16). Thus, the Examiner concludes, it would 
have been obvious to one of ordinary skill in the art at the time of applicant's 
invention to include allowable data types in an agreement given the benefit
of fine control of data communication (Ans. 16). 

Issue 2: Have Appellants shown the Examiner erred in finding Dan 
'103 teaches "the agreement comprises types of data allowed?" 

FURTHER FINDINGS OF FACT (FF) 
Dan '103 

(8) Dan is directed toward automatic contract negotiation between 
multiple parties over a communication network (Abstract). The parties 
determine a negotiation protocol before the negotiation process including 
transport protocol (communication protocol, encoding, and transport security 
information) (Abstract, pg. 1, [0005], and Fig. 3). 

(9) Possible elements of a negotiation meta contract 110 that define
information about the meta contract include many variations and
combinations of types of information, for example,

general information 120, information about roles and participants 130, 
delivery channels 140 and transport protocol 150, document-exchange 
(DocExchange) protocol 160, negotiation protocol 170, sequencing 
rules 180 and policy constraints 190. The negotiation protocol 170 
defines the negotiation operations, e.g., actions for selecting and 
changing values of parameters, actions for changing constraints, etc. 
A set of sequencing rules 180 may be provided in meta contract 110 
to ensure that the various negotiation actions are being issued in the 
correct order. The meta contract may also provide a set of policy 
constraints 190 for governing the negotiation. Policy constraints may 
include, for example, time constraints that specify the amount of time 
in which a response is required or the amount of time allowed before 
an offer is withdrawn. 

(pg. 3, [0032]). 

Appeal 2008-006148 
Application 10/040,573 

ANALYSIS 

We find Dan '103 teaches determining the type of data permitted and 
including those types of data allowed as part of the agreement (if it is the 
right protocol, meets time constraints, etc.) (FF 8 and FF 9). Thus, we find 
Appellants have not shown the Examiner erred in finding Dan '103 teaches 
"the agreement comprises types of data allowed." 

ISSUE 3 
35 U.S.C. § 103(a): claims 5, 47 
35 U.S.C. § 103(a): claims 38, 39, 53 
35 U.S.C. § 103(a): claims 21-23, 27, 33-36, 42 and 55 
35 U.S.C. § 103(a): claims 48-51 
Appellants presented no separate arguments for these rejections. 
Accordingly, Appellants have not presented any evidence or arguments to 
persuade us of error in the Examiner's rejections of these claims. Therefore, 
these claims fall with their respective independent claims. 

CONCLUSION 

Appellants have not shown that the Examiner erred in finding claim 1 
and similarly argued claims 14, 26, 41, and 55 reciting commensurate 
language obvious over Dan '290 and Epsteine. Since dependent claims 2-5, 
21-25, 27-29, 33-39, 42, 43, and 47-54 depend either directly or indirectly 
from representative and independent claims 1, 14, 26, or 41, and were not 
argued separately, Appellants have not shown the Examiner erred in finding 
claims 2-5, 21-25, 27-29, 33-39, 42, 43, and 47-54 obvious. Additionally, 
Appellants have not shown the Examiner erred in rejecting claim 8 for 
obviousness and thus, its dependent claims 9 and 10 fall with claim 8.
Accordingly, Appellants have not shown the Examiner erred in rejecting 
claims 1-5, 8-10, 14, 21-29, 33-39, 41-43, and 47-55 under 35 U.S.C. 
§ 103(a) for obviousness. 

DECISION 

The Examiner's rejection of claims 1-4, 14, 24-26, 28-29, 37, 41, 43, 
and 52-54 under 35 U.S.C. § 103(a) as being unpatentable over Dan '290, 
and Epsteine is affirmed. 

The Examiner's rejection of claims 5 and 47 under 35 U.S.C. § 103(a) 
as being unpatentable over Dan '290, Epsteine, and Reed is affirmed. 

The Examiner's rejection of claims 5 and 47 under 35 U.S.C. § 103(a) 
as being unpatentable over Dan '290, Epsteine, and Pfleeger is affirmed. 

The Examiner's rejection of claims 38, 39 and 53 under 35 U.S.C. 
§ 103(a) as being unpatentable over Dan '290, Epsteine, and Ashdown is 
affirmed. 

The Examiner's rejection of claims 8-10, 21-23, 27, 33-36, 42, and 55 
under 35 U.S.C. § 103(a) as being unpatentable over Dan '290, Epsteine and 
Dan '103 is affirmed. 

The Examiner's rejection of claims 48-51 under 35 U.S.C. § 103(a) as 
being unpatentable over Dan '290, Epsteine, Pfleeger, and Dan '103 is 
affirmed. 

No time period for taking any subsequent action in connection with
this appeal may be extended under 37 C.F.R. § 1.136(a)(1)(iv) (2009).

AFFIRMED 
